Lucene search
RootSSV:60029HistoryApr 10, 2012 - 12:00 a.m.
Apple Mac OS X PNG文件MediaVideo处理缓冲区溢出漏洞
2012-04-1000:00:00
Root
www.seebug.org
12
EPSS
0.066
Percentile
93.8%
BUGTRAQ ID: 51814
CVE ID: CVE-2011-3460
Mac OS是一套运行于苹果的Macintosh系列电脑上的操作系统。
Apple Mac OS X在为.png格式编码的视频解码分配空间时会触发特定的漏洞,计算surface的空间时,应用会信任MediaVideo标头中的比特位深。在解码过程中,应用会在surface的边界之外写入,在实现上存在缓冲区溢出漏洞,成功利用后可允许攻击者执行任意代码。受影响版本:Mac OS X 10.6.8 、Mac OS X Server 10.6.8、Mac OS X 10.7-10.7.2、Mac OS X Server 10.7-10.7.2
0
Apple Mac OS X < 10.7.3
Apple Mac OS X Server < 10.7.3
厂商补丁:
Apple
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
cve
cve
CVE-2011-3460
2012-02-02 18:55:01
nvd
nvd
CVE-2011-3460
2012-02-02 18:55:01
zdi
zdi
Apple Quicktime PNG Depth Decoding Remote Code Execution Vulnerability
2012-04-09 00:00:00
prion
prion
Buffer overflow
2012-02-02 18:55:00
cvelist
cvelist
CVE-2011-3460
2012-02-02 18:00:00
nessus
nessus
QuickTime < 7.7.2 Multiple Vulnerabilities
2012-05-18 00:00:00
QuickTime < 7.7.2 Multiple Vulnerabilities
2012-05-18 00:00:00
QuickTime < 7.7.2 Multiple Vulnerabilities (Windows)
2012-05-16 00:00:00
openvas
openvas
Apple QuickTime Multiple Vulnerabilities - (Windows)
2012-05-18 00:00:00
Apple QuickTime Multiple Vulnerabilities - Windows
2012-05-18 00:00:00
Mac OS X Multiple Vulnerabilities (2012-001)
2012-02-06 00:00:00
securityvulns
securityvulns
Apple QuickTime multiple security vulnerabilities
2012-08-27 00:00:00
APPLE-SA-2012-05-15-1 QuickTime 7.7.2
2012-05-21 00:00:00
Apple OS X multiple security vulnerabilities
2012-02-03 00:00:00